Most of the talk of retailers being hacked over the last several months has been of the massive data breach that included credit card details at Target. We mentioned last week that Target wasn’t the only retailer that had suffered a significant data breach. Neiman Marcus was also hacked and private data on customers was stolen.
More detail is coming to light about the Neiman Marcus security breach and reports indicate that the breach at the retailer went undetected for six months. The breach was apparently active and stealing data from July until December of 2013.
Some sources claim that the security breach at Neiman Marcus wasn't fully contained until Sunday January 12, 2014. Neiman Marcus admitted that it first learned in mid-December that there was suspicious activity going on involving credit cards used at its stores. The retailer said that some of its customer's cards were used fraudulently after they were used to make purchases at Neiman Marcus stores.
The company said at the time that it didn’t think social security numbers and birth dates had been compromised. Neiman Marcus told credit card companies that the first breach had a time stamp on it from mid-July according to people claiming to be familiar with the situation. Neiman Marcus is saying that it has no indication that the breach on its servers has anything to do with the data breach at Target. Neiman Marcus is being criticized for not telling customers sooner that it had been breached. The announcement of the breach didn’t come until after the lucrative holiday shopping season was over.